Deployment

Security

Security settings and operational guardrails for SkyPort.

SkyPort already has security-related configuration in the backend and CLI. The docs should describe those real controls rather than inventing a security product layer.

Important Backend Settings

  • JWT_SECRET for API authentication
  • JWT_EXPIRES for token lifetime
  • ALLOWED_ORIGINS for browser access
  • TRUSTED_PROXIES for proxy-aware deployments
  • SKYPORT_ENCRYPTION_KEY for encrypted sensitive data
  • SKYPORT_OPEN_REGISTRATION to control onboarding

SSH And Remote Access

  • prefer key-based SSH where possible
  • use strict host verification when you have a stable known_hosts setup
  • keep terminal sessions authenticated and short-lived

Proxy And TLS

  • expose the UI through HTTPS
  • keep reverse proxy mappings tied to real host ports
  • use Caddy auto-TLS where appropriate

Safe Documentation Pattern

When documenting security, focus on:

  1. Which setting exists.
  2. What it controls.
  3. What the operator must still do manually.

Next

  1. Read Production Setup.
  2. Read Authentication.
SkyPort

SkyPort Docs

Self-hosted infrastructure platform